File tree Expand file tree Collapse file tree 1 file changed +14
-0
lines changed Expand file tree Collapse file tree 1 file changed +14
-0
lines changed Original file line number Diff line number Diff line change @@ -25,6 +25,20 @@ sudo iptables -N DOCKER || echo 'Firewall already configured'
2525sudo iptables -I FORWARD 1 -j DOCKER
2626docker run -d -v $OVPN_DATA :/etc/openvpn --cap-add=NET_ADMIN --privileged -p 1194:1194/udp --name $NAME $IMG
2727
28+
29+ #
30+ # Test that easy_rsa generate CRLs with 'next publish' set to 3650 days.
31+ #
32+ crl_next_update=" $( docker exec $NAME openssl crl -nextupdate -noout -in /etc/openvpn/crl.pem | cut -d' =' | tr -d ' GMT' ) "
33+ crl_next_update=" $( date -u -d " $crl_next_update " " +%s" ) "
34+ now=" $( docker exec $NAME date " +%s" ) "
35+ crl_remain=" $(( $crl_next_update - $now )) "
36+ crl_remain=" $(( $crl_remain / 86400 )) "
37+ if (( $crl_remain < 3649 )) ; then
38+ echo " easy_rsa CRL next publish set to less than 3650 days." >&2
39+ exit 2
40+ fi
41+
2842#
2943# Generate a first client certificate and configuration using $CLIENT1 as CN then revoke it.
3044#
You can’t perform that action at this time.
0 commit comments